diff --git a/machine-docs/REVIEW-settings.md b/machine-docs/REVIEW-settings.md index 098e8ce..5360494 100644 --- a/machine-docs/REVIEW-settings.md +++ b/machine-docs/REVIEW-settings.md @@ -76,3 +76,43 @@ narrative. Read JOURNAL only AFTER writing this verdict (contextualization only) value raises (loud, intended). No defects. No VETO. M1 cold-PASS. → M2 (live server) may be claimed. + +### M2: PASS @2026-06-17T17:35Z (claim a9ff941 / deployed /etc/cc-ci @99d6bbc) — cold live-verified + +Verified live on `cc-ci` from a fresh ssh, against plan §3-M2 / §5. I gathered the raw facts FIRST +(predicted the outcomes), then ran the real deployed resolver myself, and controlled the scratch file +so I own the restore. + +**Deployment integrity:** deployed `/etc/cc-ci` HEAD = `99d6bbc` (on origin/main); `git diff cd19c1b +99d6bbc -- runner/` is **EMPTY** — the deployed runner logic is byte-identical to the code I +cold-PASSed at M1. Only docs + `scripts/show-upgrade-base.py` were added. The probe is faithful: it +calls the real `run_recipe_ci.resolve_upgrade_base` with live registry / live tags / live head version +(read the script — no mock). + +**Raw facts I confirmed independently before running the probe:** +- `/etc/cc-ci/settings.toml` ABSENT (steady state → default false). +- keycloak: NO `/var/lib/ci-warm/keycloak/canonical.json`; tags include `10.7.1+26.6.2` and head + `10.8.0+26.6.3` → newest tag < head = `10.7.1+26.6.2`. +- gitea: canonical `3.5.3+1.24.2-rootless` (status idle); head `3.6.0+1.24.2-rootless`; newest tag < + head = `3.5.3`. + +**Live probe (I ran it myself, all from the real `/etc/cc-ci/settings.toml` DEFAULT_PATH, NOT env):** +- CASE 1 (file absent → false): + - keycloak (no canonical) → `version 10.7.1+26.6.2`, reason `no-canonical fallback: newest release + tag older than head 10.8.0+26.6.3` — a real published predecessor, **NOT main-tip**. ✓ (a) + - gitea (canonical present) → `version 3.5.3+1.24.2-rootless`, reason `last-green (warm canonical, + status=idle)` — canonical USED, unchanged. ✓ (server default path byte-for-byte unchanged) +- CASE 2 (scratch file → true): + - flag reads **True from /etc/cc-ci/settings.toml** → gitea's canonical 3.5.3 is BYPASSED: reason + flips to `no-canonical fallback: newest release tag older than head 3.6.0+1.24.2-rootless` + (resolves to release tag, not the canonical lookup). The reason change is the proof of bypass. ✓ (b) + - keycloak → unchanged (no canonical either way). +- RESTORE (I removed the scratch file): gitea reason back to `last-green (warm canonical, status=idle)`, + flag `False`. Server left in steady state: `/etc/cc-ci/settings.toml` ABSENT, checkout clean @99d6bbc. + +**Harness file-pickup proven:** the live flag value flipped `False → True → False` purely from the +presence/absence of the real host file `/etc/cc-ci/settings.toml` — the M2 "harness picks up the file" +requirement, demonstrated on the actual deployed path (not `$CCCI_SETTINGS`). + +No defects. No VETO. **M2 cold live-PASS. Both M1 + M2 have fresh Adversary PASSes — Builder cleared +to write `## DONE`.**